TY - JOUR
T1 - Optimal Secure Two-Layer IoT Network Design
AU - Chen, Juntao
AU - Touati, Corinne
AU - Zhu, Quanyan
N1 - Funding Information:
Manuscript received June 2, 2018; revised November 20, 2018 and January 22, 2019; accepted March 9, 2019. Date of publication March 25, 2019; date of current version March 18, 2020. This work was supported in part by the DHS Grant through Critical Infrastructure Resilience Institute, in part by the Grants ECCS-1847056, CNS-1544782, and SES-1541164 from the National Science of Foundation, and in part by the Grant W911NF-19-1-0041 from ARO. Recommended by Associate Editor P. Cheng. (Corresponding author: Juntao Chen.) J. Chen and Q. Zhu are with the Department of Electrical and Computer Engineering, Tandon School of Engineering, New York University, Brooklyn, NY 11201 USA (e-mail:,jc6412@nyu.edu; qz494@nyu.edu).
Publisher Copyright:
© 2014 IEEE.
PY - 2020/3
Y1 - 2020/3
N2 - With the remarkable growth of the Internet and communication technologies over the past few decades, Internet of Things (IoTs) is enabling the ubiquitous connectivity of heterogeneous physical devices with software, sensors, and actuators. IoT networks are naturally two layers with the cloud and cellular networks coexisting with the underlaid device-to-device communications. The connectivity of IoTs plays an important role in information dissemination for mission-critical and civilian applications. However, IoT communication networks are vulnerable to cyber attacks including the denial-of-service and jamming attacks, resulting in link removals in the IoT network. In this paper, we develop a heterogeneous IoT network design framework in which a network designer can add links to provide additional communication paths between two nodes or secure links against attacks by investing resources. By anticipating the strategic cyber attacks, we characterize the optimal design of the secure IoT network by first providing a lower bound on the number of links a secure network requires for a given budget of protected links, and then developing a method to construct networks that satisfy the heterogeneous network design specifications. Therefore, each layer of the designed heterogeneous IoT network is resistant to a predefined level of malicious attacks with minimum resources. Finally, we provide case studies on the Internet of Battlefield Things to corroborate and illustrate our obtained results.
AB - With the remarkable growth of the Internet and communication technologies over the past few decades, Internet of Things (IoTs) is enabling the ubiquitous connectivity of heterogeneous physical devices with software, sensors, and actuators. IoT networks are naturally two layers with the cloud and cellular networks coexisting with the underlaid device-to-device communications. The connectivity of IoTs plays an important role in information dissemination for mission-critical and civilian applications. However, IoT communication networks are vulnerable to cyber attacks including the denial-of-service and jamming attacks, resulting in link removals in the IoT network. In this paper, we develop a heterogeneous IoT network design framework in which a network designer can add links to provide additional communication paths between two nodes or secure links against attacks by investing resources. By anticipating the strategic cyber attacks, we characterize the optimal design of the secure IoT network by first providing a lower bound on the number of links a secure network requires for a given budget of protected links, and then developing a method to construct networks that satisfy the heterogeneous network design specifications. Therefore, each layer of the designed heterogeneous IoT network is resistant to a predefined level of malicious attacks with minimum resources. Finally, we provide case studies on the Internet of Battlefield Things to corroborate and illustrate our obtained results.
KW - Connectivity
KW - Internet of Battlefield Things (IoBT)
KW - optimal design
KW - security
KW - two-layer networks
UR - http://www.scopus.com/inward/record.url?scp=85063396963&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85063396963&partnerID=8YFLogxK
U2 - 10.1109/TCNS.2019.2906893
DO - 10.1109/TCNS.2019.2906893
M3 - Article
AN - SCOPUS:85063396963
VL - 7
SP - 398
EP - 409
JO - IEEE Transactions on Control of Network Systems
JF - IEEE Transactions on Control of Network Systems
SN - 2325-5870
IS - 1
M1 - 8673619
ER -